Cybersecurity

A challenging transition for new state CIOs

Several people are new to leading their state’s technology divisions and must navigate all manner of rules and laws while trying to make their own mark on the position.

School software provider is the latest target of major hack of personal data

The incident is the latest large-scale data breach in the U.S., as year after year, the number of cybercrimes continues to rise.

Exclusive

Coming federal cyber executive order includes a push to mobile drivers licenses

The draft order does not, however, tackle the full breadth of actions that were expected from a promised identity executive order that has yet to materialize.

Resilience over resources: Closing the cybersecurity gap in state and local government

COMMENTARY | While they may lack the budget and staff to mount an effective defense, states and localities can take many other steps without needing to spend more money.

Parents think schools’ cybersecurity is stronger than reality, report says

Recent research from Keeper Security found a “widening gap” between the perception of districts’ cyber readiness. Better training and information sharing can help improve the outlook.

How govs can strengthen their cyber staff in the new year

Budgetary and staffing challenges are likely to follow state and local governments into 2025, but experts say agencies’ progress toward addressing those obstacles will prevail too.

Governor urges Rhode Islanders to take precautions to protect personal data

Gov. Dan McKee called the deadline given by hackers who installed malicious malware on the RIBridges system and demanded a ransom a “moving target” at a press conference late Saturday afternoon.

Democrats push to protect the data privacy of people seeking abortions

In Congress, Sen. Elizabeth Warren plans to reintroduce legislation to ban data brokers from selling consumers’ health and location data. A similar effort is underway in Michigan.

Could states’ cyber get trickier under a Trump admin?

Some Republicans have proposed eliminating CISA altogether, which could complicate information sharing efforts. More pressing, though, is the ending of federal cyber grants.

Cyber training is key to help underserved communities, report finds

States must work to develop cybersecurity professionals in areas that have been left behind, and can use relationships with schools and nonprofits to do so, according to a new NASCIO report.

State and local security adjusting to shifting cyber threats, insurance requirements

COMMENTARY | Ransomware and other threats are making cyber insurance—and the stronger security needed to qualify for it—imperative for government organizations.

Russian email domains sent uncredible bomb threats to polling places, FBI says

Kremlin-backed actors have a long record of sowing fear and disinformation into the U.S. election process.

New art exhibit helps make cyber issues real

The show in Alexandria, Virginia, explores issues like privacy, artificial intelligence and misinformation through artistic expression.

Why Cybersecurity Awareness Month should be every month

COMMENTARY | Cybercrime costs have surpassed $10 trillion globally, illustrating the relentless threat and why state CISOs say they want the spotlight on cybersecurity year-round.

What states learned from the CrowdStrike outage

Three months since a faulty update caused outages and disruptions worldwide, state CIOs are looking back and assessing how they did.

Amid tight budgets and talent gaps, the job of state technology chief just keeps expanding

Many state chief information security officers say they don’t have a reliable budget, staff or expertise to adequately protect against cyberattacks, according to a new survey.

How two states have spent their share of the $1B in cybersecurity grants

With little precedent for such a big federal investment in cybersecurity, states have largely had to write their own playbooks on how to distribute the funds to local governments.

How the nation’s largest school system keeps students safe

By thinking of physical and digital safety as the same, the New York City schools are preparing their systems for ever-evolving technologies.

Crowdstrike debacle underlines single-point-of-failure risk

COMMENTARY | As our dependency on technology and energy increases, state and local leaders need to take a hard look at their disaster recovery and business plans.

Texas’ $1.4B settlement with Meta highlights the need for data privacy protections, experts say

Attorney General Ken Paxton secured an eye-watering sum for Facebook’s alleged misuse of facial recognition tech. But observers argue that states need to go further and put more teeth in privacy laws.